Tod Beardsley
a58ddcae1b
Adds reporting to Patrick's Checkpoint module
...
Also refers to port 264/TCP as the SecuRemote service instead of the
Topology service (I believe this is correct)
Reporting is initially conservative -- if we don't get something for
fw_hostname, then don't bother reporting at all; assume we're
mis-identifying the target.
2011-12-20 15:44:05 -06:00
sinn3r
d439390aa2
Fix typo
2011-12-20 12:19:34 -06:00
sinn3r
c2d59f0307
Fix issue #6133
2011-12-20 11:32:33 -06:00
Tod Beardsley
c83c3d5128
TFTP forgot to commit my rename.
...
Fixes #5291 for real.
2011-12-20 10:45:29 -06:00
Tod Beardsley
1a396ba955
Merge pull request #70 from rapid7/tftp_client
...
Tftp client
2011-12-20 08:42:42 -08:00
Tod Beardsley
11a27a1e61
Renaming TFTP transfer util.
...
See #5291 . Just renaming the file.
2011-12-20 10:06:44 -06:00
Tod Beardsley
24d53efa7c
Final touches on TFTP client
...
See #5291 . Adds an option to mess with the block size in case someone
wants to write a fuzzer or exploit that leverages that. Adds a cleanup
method to the module (pretty much required, it turns out). Looking
nearly final, just need to rename the module and I think we're good to
push to master.
2011-12-20 10:03:04 -06:00
sinn3r
0200b6367a
Add OKI Scanner (Feature #6125 )
2011-12-20 03:09:09 -06:00
Tod Beardsley
677cb4b152
Handle empty data sends sanely for TFTP.
...
Don't just hang forever -- let the user know they just send empty data.
TFTP servers don't like this of course.
2011-12-19 21:56:03 -06:00
Tod Beardsley
2b3e3725ac
TFTP adding comment docs, ability to send w/out a file.
...
Commenting the tricksy parts a little better for general usage.
Adding the ability to set FILEDATA instead of FILENAME, in case
only short bits of data are desired and the user doesn't want
to go to the trouble of creating a source file to upload.
2011-12-19 18:15:19 -06:00
Tod Beardsley
431ef826c9
TFTP client now uses constants, preserves trailing spaces/nulls in data
...
See #5291 , just rediscovered the bug on this.
2011-12-19 16:33:25 -06:00
Tod Beardsley
5eaf2e7535
Adding download and loot functionality.
...
Still need to deal with the use case of not passing a block; blocks
should not be required, it should be okay to invoke and just wait for
the complete attribute to be true. You'll miss out on error messages but
eh, maybe those should be return values.
2011-12-19 15:50:50 -06:00
Tod Beardsley
aecde6fea4
Updating TFTP client. Now with grown-up thread handling.
...
No longer blocks on successful connections.
2011-12-19 12:14:40 -06:00
Tod Beardsley
902d7f5ea7
Adding more to TFTP. Still need a read tho
...
Adds error checking and some helpful messaging in the event of an error.
In the event of a failed transfer the module exits immediately, but in
success, I'm still hanging around for several seconds after. Not a deal
breaker but can be annoying.
Also, need to implement a read as well as a write and store it as loot,
to be actually useful for most TFTP checking.
2011-12-18 21:05:27 -06:00
Tod Beardsley
23aadd04f7
Fixing merge conflict cruft
...
Dangit teach me to merge quickly. TFTP module now loads again.
2011-12-18 13:28:52 -06:00
Tod Beardsley
1201d7fbf2
Merge branch 'tftp_client' of github_r7:rapid7/metasploit-framework into tftp_client
...
Conflicts:
modules/auxiliary/admin/tftp/tftp_upload_file.rb
2011-12-16 22:41:22 -06:00
Tod Beardsley
0b8914021c
Switch to vprint_status, also add skeletal cleanup def.
2011-12-16 21:06:10 -06:00
Tod Beardsley
50fa10679b
First draft of a TFTP client.
...
Could use some actual error checking and also needs to expose
more options.
2011-12-16 18:41:55 -06:00
Tod Beardsley
a6867ef128
First draft of a TFTP client.
...
Could use some actual error checking and also needs to expose
more options.
2011-12-16 18:39:09 -06:00
Patrick Webster
205637892b
Added checkpoint_hostname aux module.
2011-12-16 10:54:34 -06:00
sinn3r
bb2ea62de8
Add CVE-2008-0926: Novell eDirectory eMBox Unauthenticated Access (Feature #2729 )
2011-12-15 23:09:26 -06:00
sinn3r
7b2a1dc791
Repair dead milw0rm link to exploit-db
2011-12-13 16:11:33 -06:00
sinn3r
a5189917da
Add CVE-2005-4832: Oracle Database Server DBMS_CDC_SUBSCRIBE SUBSCRIPTION_NAME SQL Injection (Feature #6094 )
2011-12-13 15:44:39 -06:00
Tod Beardsley
f402b8598b
Whitespace and File.open binary mode cleanups.
...
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
2011-12-12 17:31:28 -06:00
Tod Beardsley
b4f58ef8fd
Trailing commas kill 1.8. dangit.
...
Fixed dns_fuzzer to knock that off.
2011-12-12 10:26:53 -06:00
HD Moore
4736cb1cbe
Merge pull request #48 from swtornio/master
...
add osvdb ref
2011-12-11 20:37:43 -08:00
HD Moore
a9db05e53b
Fix regular expression
2011-12-10 13:24:58 -06:00
HD Moore
cd4d7d3c47
Handle IPv6 properly (host header parsing)
2011-12-10 13:24:58 -06:00
Steve Tornio
25685c4c74
add osvdb ref
2011-12-10 08:07:21 -06:00
Tod Beardsley
8ccb68c9df
Adding an add_socket() to dhcp and rftp as lauched with a survice
...
when succesful.
Closing the related pull reuquest for this one.
2011-12-10 03:39:25 -06:00
Tod Beardsley
e52436e7ad
Drop the incorrect Id keyword from h323_version
2011-12-09 14:29:55 -06:00
sinn3r
d6d9ac17d2
use store_loot() instead of store_local()
2011-12-08 11:10:31 -06:00
sinn3r
c366e652b9
Revert "Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()"
...
This reverts commit d37daa4934
.
2011-12-08 10:11:09 -06:00
sinn3r
d37daa4934
Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()
2011-12-07 19:08:24 -06:00
sinn3r
aa5c0c46b6
Fix indent level
2011-12-07 18:44:49 -06:00
sinn3r
feab7f5077
Add CVE-2011-4350
2011-12-07 18:42:52 -06:00
sinn3r
b7ccbcd6b5
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-07 12:23:23 -06:00
sinn3r
84682b3615
Apply patch #6072
2011-12-07 12:22:58 -06:00
HD Moore
b8767d5f57
Fix typo on 1.8.7
2011-12-07 10:45:23 -06:00
Tod Beardsley
f1950c2fe1
Adding back bitstruct (current upstream) and dns_fuzzer module
...
Fixes #3289 .
This commit adds back the bit-struct library because in the end,
it is useful for some modules, especially pello's. It's small
and it has a nice license, so why not. After all, it /is/
useful for quicky application headers. Eventually, should
be replaced by StructFu, but that requires some doc work
on my part to get that transition in place.
This also adds pello's DNS fuzzer module which makes use of
BitStruct to create sometimes malformed-on-purpose DNS headers.
Tested against 3 different DNS servers, caused one to reboot,
so I'd say it works.
2011-12-06 17:03:36 -06:00
sinn3r
0bbbcd549d
Add port information, and allow search in data
2011-12-05 22:22:36 -06:00
Tod Beardsley
84af4647db
Merge branch 'issue_1083_oracle'
2011-12-05 17:39:46 -06:00
Tod Beardsley
4da2c32734
Minor update to xdb_side_brute, see #1083
...
Adds a typo fix and adds an explicit VERBOSE option.
2011-12-05 15:11:09 -06:00
HD Moore
dbd00efefe
Merge branch '4.3-schema'
2011-12-05 15:04:35 -06:00
sinn3r
37516134f0
FILTER shouldn't be case-sensitive
2011-12-05 13:19:04 -06:00
HD Moore
97087d88fa
Mark portscan modules as v6 incompatible
2011-12-05 13:07:36 -06:00
HD Moore
cf28713f9a
Mark specific modules as incompatible due to use of quad-dot code
2011-12-05 13:07:36 -06:00
sinn3r
fd2eb200fb
Add Shodan Search Module (Feature #5451 )
2011-12-05 12:50:21 -06:00
sinn3r
3cd2caca1a
Fix #6052
2011-12-04 13:49:13 -06:00
Steve Tornio
f63a616739
add osvdb ref
2011-12-04 07:48:48 -06:00
sinn3r
2720572a37
Add IPSwitch Whatsup Gold TFTP directory traversal module
2011-12-03 18:46:34 -06:00
HD Moore
dbe7e6aecf
Remove a leftover debugging statement
2011-12-02 00:06:04 -06:00
HD Moore
9f99cfc757
Convert the h323 module to MSF_LICENSE (backport from Pro)
2011-12-01 16:01:01 -06:00
HD Moore
3e5e9a910e
Add h323 scanner
2011-12-01 16:01:01 -06:00
David Maloney
40ab37fa10
Merge branch 'iss5979'
2011-11-30 12:16:33 -08:00
sinn3r
897731f3a5
Check creds (feature #6025 ). Also bringing the 'Inbox' regex back
2011-11-29 11:01:39 -06:00
Tod Beardsley
f503bd9488
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
2011-11-28 17:52:34 -06:00
Rob Fuller
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
sinn3r
3a84c31326
Using a better regex for a successful login. Thanks Borys.
2011-11-28 14:29:42 -06:00
sinn3r
bc541c118d
Apply patch #6020
2011-11-28 14:16:24 -06:00
sinn3r
5165865560
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-28 14:07:19 -06:00
sinn3r
59ab0c3a18
Fix bug #6021 , Thanks Borys
2011-11-28 14:06:56 -06:00
Tod Beardsley
44a47f9913
Fixing up OWA bruteforce module to conform with the usual print_status
...
messages.
2011-11-28 13:31:54 -06:00
sinn3r
a578db7f56
Apply fix for #6019
2011-11-28 01:12:18 -06:00
sinn3r
ebfe269698
Apply patch for #5824
2011-11-26 16:52:12 -06:00
sinn3r
5e08c93ac9
Apply patch #5580
2011-11-26 15:32:43 -06:00
sinn3r
b7950a752e
Add feature #4929 (MS09-053)
2011-11-26 13:30:35 -06:00
David Maloney
c61d02686a
HTTP login scanners need to set duplicate_ok to true
...
or different web applications on the same server
may wipe eachother's creds out.
2011-11-22 13:04:10 -08:00
David Maloney
9d7f7b1f0e
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-22 11:53:14 -08:00
David Maloney
9e40fac8b1
Added a check to the Axis login scanner to ensure
...
that the supplied url is valid.
Need this because we don't currently have a way to fingerprint
for Axis2 so we are relying on Tomcat fingerpinting.
2011-11-22 11:52:06 -08:00
sinn3r
25f4b45bd1
Apply patch #6004
2011-11-22 13:07:46 -06:00
David Maloney
f81567fb6f
Fix to typo in the tables being pushed.
2011-11-21 15:49:57 -08:00
James Lee
67120d4263
msftidy on aux modules, see #5749
2011-11-20 13:12:07 +11:00
David Maloney
ff22246119
Attempt to fix #5979
2011-11-18 12:53:35 -08:00
David Maloney
c8142043e9
Fixes to credential handling to downcase usernames whenever they are not case sensitive.
...
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
Tod Beardsley
96d2209ca2
Minor fixups for trace report_note patch
2011-11-14 10:40:11 -06:00
andurin
5d5c9464cc
Do some report_note while TRACE detection
2011-11-14 12:10:53 +01:00
Andurin
71599f5ef9
Fix sqlmap aux to work with actual sqlmap.py
...
Commit relates to IssueID #5807
2011-11-13 09:18:33 +01:00
sinn3r
e4ebb890d8
Apply patch for bug #5963
2011-11-12 13:17:26 -06:00
sinn3r
62fdbd549c
no need to register VERBOSE, because it's already a standard option in all modules. Thanks egyp7 for the reminder.
2011-11-11 15:37:47 -06:00
sinn3r
2d940e2c91
Apply patch #5952
2011-11-11 14:58:17 -06:00
sinn3r
35f84f5e42
yo, ruby 1.8 fix
2011-11-11 11:38:28 -06:00
sinn3r
fdef66f2bf
yo, ruby 1.8 fix
2011-11-11 11:38:08 -06:00
sinn3r
e972234629
yo, owa bruteforce utility in the house (Feature #4725 )
2011-11-11 11:23:35 -06:00
David Maloney
c30d98093f
Merge branch 'iss5426'
2011-11-10 20:39:48 -08:00
David Maloney
c984ea41d1
Quick fix to cred sourcing to eliminate spaces in the source type
2011-11-10 20:39:13 -08:00
HD Moore
43fa2c3d1b
Add a gitignore and delete the broken file_autopwn code. Fixes #4964
2011-11-10 20:11:53 -06:00
wchen-r7
3a328e1a1c
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-10 16:09:35 -06:00
wchen-r7
b761c6a9cc
Add feature #5933
2011-11-10 16:09:03 -06:00
HD Moore
d75e4aead3
Cosmetic changes
2011-11-10 15:45:02 -06:00
Steve Tornio
0c36915dae
add osvdb ref
2011-11-10 13:24:26 -06:00
wchen-r7
453082678f
Add CVE-2010-1871 (Feature #5922 )
2011-11-10 10:21:17 -06:00
Matt Buck
16f45fc894
Add empty directories from svn repo.
2011-11-09 18:41:40 -06:00
Wei Chen
9ff5eabb4b
Fix #4915
...
git-svn-id: file:///home/svn/framework3/trunk@14201 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 08:51:47 +00:00
David Maloney
a88f954640
More Cred Sourcing
...
git-svn-id: file:///home/svn/framework3/trunk@14197 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-09 01:49:57 +00:00
David Maloney
aa4f6c1cae
More cred sourcing fixes
...
git-svn-id: file:///home/svn/framework3/trunk@14193 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 18:45:47 +00:00
David Maloney
cdbe7bc587
Multiple fixes to cred reporting on this module
...
git-svn-id: file:///home/svn/framework3/trunk@14192 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 17:25:39 +00:00
Wei Chen
16fc275853
whitespace cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@14191 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 16:09:31 +00:00
Patrick Webster
77a3edbb4f
Added squiz_matrix_user_enum aux module.
...
git-svn-id: file:///home/svn/framework3/trunk@14185 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 03:14:39 +00:00
Wei Chen
ad94bae78f
Fix bug #5923
...
git-svn-id: file:///home/svn/framework3/trunk@14182 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 17:52:02 +00:00